Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A potential out-of-bounds error has been fixed when the buffer offset is invalid. I identified a potential out-of-bounds situation when the buffer offset fields of several requests are invalid. This patch sets the minimum...

Astra Linux - уязвимость в xorg-server

A out-of-bounds write flaw was discovered in the xorg-x11-server. This issue arises due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c, and in the RRChangeOutputProperty function in randr/rrproperty.c...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The hardcoded hdr2len parameter was replaced with the offsetof function in smb2calcmaxoutbuflen. After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", the management of response buffers was changed to use ...

mt6893-security-research

MT6893 Security Research Five security research findings from...

Security Bulletin: NVIDIA SNAP4 - March 2026

To protect your system, download and install the latest NVIDIA components from the links provided in this document. Go to NVIDIA Product Security. Details This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and...

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validating the command header size against SVGACMDMAXDATASIZE This data originates from user space and is used in buffer offset calculations, which may potentially lead to an out-of-bounds access due to overflow...

CVE-2025-40277

No description is available for this CVE. Mitigation To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically...

DEBIAN-CVE-2025-40277

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

UBUNTU-CVE-2025-40277

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

EUVD-2023-57683

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53312

In the Linux kernel, the following vulnerability has been resolved: net: fix netdevstartxmit trace event vs skbtransportoffset After blamed commit, we must be more careful about using skbtransportoffset, as reminded us by syzbot: WARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868...

CVE-2023-53312 net: fix net_dev_start_xmit trace event vs skb_transport_offset()

In the Linux kernel, the following vulnerability has been resolved: net: fix netdevstartxmit trace event vs skbtransportoffset After blamed commit, we must be more careful about using skbtransportoffset, as reminded us by syzbot: WARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: A slab-out-of-bounds issue was fixed in smbstrndupfromutf16. If the -NameOffset of smb2createreq is smaller than the Buffer offset of smb2createreq, a slab-out-of-bounds read may occur from smb2open. This patch sets the...

OESA-2025-1097 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This pat...

OESA-2025-1093 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This pat...

SUSE CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

DEBIAN-CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

UBUNTU-CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

UBUNTU-CVE-2023-52168

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512i-2, for i=9, i=10, i=11, etc...